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(57) ABSTRACT 

A system for dynamically controlling a network device is 
implemented in a network device including a parser and a 
service provider. The parser includes instructions for selec- 
tively invoking the service provider in response to a com- 
mand parsed from an external input received by the network 
device. 
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SYSTEM FOR DYNAMICALLY 
CONTROLLING A NETWORK PROXY 

This application claims the benefit of U.S. Provisional 
Application Ser. No. 60/042,071 titled "System for Dynami- 
cally Controlling a Network Proxy," filed Mar. 25, 1997 by 
Robert C. Knauerhase et al. and assigned to Intel 
Corporation, the disclosure of which is expressly incorpo- 
rated herein by reference. 

BACKGROUND OF THE INVENTION 

1. Field of the Invention 

The present invention relates generally to the field of 
computer networking, and in particular to a method and 
apparatus for enabling a device configured as a network 
proxy to perform a predetermined action in response to 
dynamic input. 

2. Related Art 

It is known to deploy a network proxy, or proxy server, as 
an intermediary between one or more client computers and 
an external network such as the Internet. Network proxies 
are described generally in Ian S. Graham, HTML Source 
Book: A Complete Guide to HTML 3.0 403 (2d ed. 1996). 
Most existing network proxies, however, lack any ability for 
command processing or dynamic configuration. Instead, 
network proxies are typically preconfigured using static 
control panels and settings stored in, for example, ".INI" 
files or MS-Windows registry entries. These settings remain 
unchanged for as long as the network proxy is mnning. 
Moreover, such network proxies lack any facility for 
dynamically receiving and acting upon commands or 
instructions that would effect a reconfiguration of the net- 
work proxy. This is because network proxies have typically 
been used only as a pipeline. For example, a network proxy 
used for World-Wide Web (WWW) access simply passes 
HTTP requests received firom a client computer to a server 
computer capable of servicing that request. Likewise, con- 
tent which the network proxy receives from the server 
computer in response to such a request is simply passed to 
the requesting client computer. In other words, the network 
proxy does not inspect content passing through it. 

In view of the foregoing limitations of existing 
technology, there is a need for a network proxy capable of 
acting upon information passed to it, whether it be a com- 
mand embedded in a request originated by a client computer 
or content provided by a server computer. Although such 
dynamic control of network proxies is desirable, it is imprac- 
tical to expect the expansive Internet infrastructure to 
quickly change to accommodate such a new capability. For 
this reason, it is desirable to implement this new capability 
in a way that does not require changes to existing client 
computers or server computers. 

SUMMARY OF THE INVENTION 

The present invention relates to systems, methods and 
devices for dynamically controlling a network proxy. 
Embodiments may be used, for example, to dynamically 
effect network reconfigurations, to alter operational param- 
eters of the network proxy, and to transcode network content 
prior to transmitting it to a client device. 

According to one particular embodiment, a dynamically- 
controllable network device comprises a parser and a service 
provider. The parser includes instructions for selectively 
invoking the service provider in response to a command 
parsed from an external input received by the network 
device. 
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BRIEF DESCRIPTION OF THE DRAWINGS 

FIG. 1 is a schematic diagram illustrating a dynamically 
controllable network device according to an embodiment of 
the present invention. 

FIG. 2 is a schematic diagram illustrating an embodiment 
of the present invention in which a dynamically controllable 
network device is implemented as a network proxy. 

FIG. 3 is a schematic diagram illustrating an embodiment 
10 of the present invention in which a dynamically controllable 
network device is implemented as a transcoding server. 

FIG. 4 is a flow diagram illustrating a method for dynami- 
cally controlling a network device according to an embodi- 
ment of the present invention. 

15 DETAILED DESCRIPTION 

According to a first embodiment of the present invention, 
illustrated schematically in FIG. 1, a means is provided by 
which a network device 2 (which may be any computer 

20 configured to act on behalf of another computer for network 
transactions) may be instructed to act in a particular manner 
based upon an externally-originating input. Such input may 
originate from, for example, a system administrator. Net- 
work device 2 is configured to inspect network traffic 

25 passing through it. In some instances, network device 2 may 
intercept commands and take certain predetermined respon- 
sive actions. In other instances, network device 2 may take 
certain actions based upon a characteristic of the content it 
receives, such as a datatype or MIME (Multipurpose Internet 

30 Mail Extensions) type. Such actions may include, for 
example, setting operational parameters on network device 
2, such as the size of a cache storage; remote management 
of network device 2, such as retrieving/purging log files, 
obtaining system status information, and restarting network 

35 device 2; and promulgating software upgrades. 

In this embodiment, network device 2 includes a control 
module 4 having a parser 6 and a plurality of service 
providers 8. Control module 4 may be implemented, for 
example, as a software module installed in network device 

40 2. Parser 6 is configured to act upon an external input 
received by control module 4, such as a request for a 
network object generated by a client device or a reply to 
such a request provided by a network server device. In this 
particular embodiment, parser 6 is responsible for selec- 

4 5 tively invoking one or more of service providers 8 based 
upon a predetermined selection criterion. The predetermined 
selection criterion may be, for example, a command embed- 
ded within a request, a characteristic of a received request or 
data object, a condition of network device 2 itself, combi- 

50 nations of the foregoing, and so on. 

According to another embodiment of the present 
invention, illustrated schematically in FIG. 2, a 
dynamically-controllable network device may be imple- 
mented as a network proxy. A network proxy, or proxy 

55 server, is typically used in conjunction with so-called "fire- 
wall" software to protect a LAN (Local Area Network) from 
unauthorized access over the Internet. A firewall, typically 
installed on a gateway computer that links a LAN to the 
external world, restricts externally-originated network pack- 
et) ets from entering the local network, thereby protecting the 
LAN from hazards such as unauthorized access. The 
firewall, however, also prevents network users from directly 
accessing external resources such as the Web. Network 
proxies are often used to address this shortcoming. See 

65 Graham, at 403. 

Network proxies are usually configured to have free 
access to both internal LAN resources and external 
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resources, and can safely pass data back and forth across the transcoding (for example, adding, changing and/or deleting) 
firewall. Users may then be given safe, though indirect, content received from Internet 18 prior to returning it to a 
access to Web resources by configuring the user's Web requesting network client 12. 
browser to reference the network proxy instead of external T , . , , ... . - 
target servers. When the Web browser is used to retrieve 5 Loobng more closely at the embooiment in FIG. 3 parser 
information from outside the firewall it sends a request to the 22 manages the transcoding of data to be transmitted from 
network proxy, which then completes the request and returns transcoding server 34 to network client 12. To this end, 
the result to the requester Id P^ 1 " 22 controls transcode service providers 24 to selec- 
Referring now to FIG. 2, according to this embodiment a tivel y facade content based on a predetermined selection 
dynamically-controllable network proxy 34 manages the 10 cntenon For example, one or more transcode service pro- 
transfer of data from the Internet 18 to a network client 12. v,d f rs J £ ma y P r0VK L e the ca P ablht y t0 compress and/or 
Network client 12 and network proxy 34 may be any ^ di£ ™ ni of data 35 ima S e > vldeo ' 
computers having suitable data communications and pro- ° r HTML (Hypertext Markup Language). As is explained 
cessing capabilities and capacities. Network client 12 com- forth* below, one or more transcode service providers 24 
municates requests for information to, and receives infor- 15 m ^ also be P r0Vldc ; d . to act u P° n a <* m naand or other 
mation from, network proxy 34 over a client/server formation contained ma request or -a data t object received 
communications link 14. Client/server communications link b >! transcoding server 34, or any other information deter- 
14 may comprise, for example, a so-called "slow network" minable by transcoding server 34, to effect the dynamic 
using, for example, POTS (Plain Old Telephone Service) contro1 functionality described herein, 
dial-up technology or wireless connections. Alternatively, 2 o As shown in FIG. 3, transcoding server 34 may also 
client/server communications link 14 may comprise a include a server-side cache memory 30 managed by a 
socalled "fast network," such as a LAN or WAN (Wide Area server-side cache interface 28. Server-side cache memory 30 
Network), which is capable of operating at much higher may be used to store both original and transcoded versions 
speeds (for example, 5x to lOx) than are possible with slow of content for later transmission to network client 12 without 
networks. Combinations of these access methods are also 2 5 the need to re-retrieve the content from Internet 18 or to 
possible. For example, network client 12 may use a POTS or re-transcode the content. 

wireless dial-up connection to a modem bank maintained by T r ~ A . ... ^ ii ^^l 

ion fi * * c n 'a \ u- u • ■ * Transcoding server 34 is coupled to network client 12 by 

I, ? T V &ra »* rovide * A w J?ich » * ' client/server communications link 14. Network client 12 

nected to network proxy 34 over a LAN. Network proxy 34 mcllldes browsef 32 such me Ne Navigator v.3.0 

communicates with computers resident on Internet 18 30 kwm „„ /„nu«,.~u #1! * * . i- j • *u- 

tU . / *. i • *• vii/-i_-i_ browser (although the invention is not limited m this 

through server/network communications link 16, which may „,u\,u J™ *u ♦ ca* * 

& . • t • respect), which manages the presentation of data to a user, 

comprise any suitable communications medium known in . • , , . . & . i r * 11 • « ui a » 

tU v. c J . . . . . v 1 . . • ,1 In this embodiment, network client 12 is "non-enabled, 

the art. Server/network communications link 16 is typically „• • i- j* r*. • ijj 

a much faster connection than client/server communications transcodmg software is preloaded on 

link 14. 35 r c en . 

Network proxy 34 may be implemented, for example, as . Parser 22 mav comprise a relatively simple, uniform 

part of a network server, as a stand-alone computer in interface to HTTP remote proxy 36, and may provide an API 

communication with a network server, or even as a distrib- (Application Programming Interface) for dynamically con- 

uted system of computers. Network proxy 34 may be trolling trans codin g server 34 and/or for transcoding data 

coupled, for example, to a network server (not shown), an 40 received b y HTTP remote proxy 36. Parser 22 manages one 

ISP's network, a corporate network, or anywhere on Internet or more transcode service providers 24 that are accessed 

18, and provides multiple users with a means to obtain through a common SPI (Service Provider Interface). In this 

content resident on Internet 18. Network proxy 34 may also particular embodiment, parser 22 is designed in compliance 

be coupled to one or more additional network proxies (not w** the Windows Open Systems Architecture (WOSA), and 

shown). Network proxy 34 differs significantly from known 45 mav be implemented as a Win32 DLL (Dynamic Link 

network proxies, which generally are little more than a Library). The WOSA architecture, described in Readings on 

conduit for requests to, and replies from, external Internet Microsoft Windows and WOSA (Microsoft Corp. 1995), 

resources. Here, network proxy 34 not only examines such enables additional transcode service providers 24 to be 

requests and replies, but may act on commands in the dynamically added to the system to provide new features, 

requests by, for example, dynamically reconfiguring one or 50 such as new or improved transcoding algorithms, while at 

more of its operational parameters. the same time not requiring changing or retesting other 

Referring now to FIG. 3, according to yet another software components in the system. This feature is espe- 

embodiment of the present invention, the dynamically- ciaU y beneficial where transcoding server 34 also interacts 

controllable network device may be implemented as a Wltn " enabIed " network clients equipped with specialized 

transcoding server 34 including a transcoder 20 includes a 55 transcodi ng software. Transcoding server 34 may advanta- 

parser 22 and a plurality of transcode service providers 24. geously be configured flexibly enough to readily interact 

Parser 22 is configured to act upon data received by wth botD non-enabled and enabled network clients, 

transcoder 20, such as a request for a network object Like parser 22, server-side cache interface 28 may be 

generated by a client device or a reply to such a request modeled after a standard Get/Set interface. Server-side 

provided by a content server device. In this particular 60 cache memory 30 essentially "owns" all cached objects, in 

embodiment, parser 22 is responsible for selectively invok- that it manages the properties and storage of the objects and 

ing one or more of transcode service providers 24 based may invalidate any nonlocked object at any time; however, 

upon a predetermined selection criterion. As illustrated, the actual format of any given cached object is known only 

transcoding server 34 may include an HTTP (HyperText by parser 22 and its associated transcode service providers 

Transfer Protocol) remote proxy 36 capable of accessing 65 24. Thus, for data integrity and transcoding efficiency 

Internet 18 over serv er/netw ork communications link 16. purposes, all access to server-side cache memory 30 in this 

Using transcoder 20, HTTP remote proxy 36 is capable of embodiment is through parser 22. 
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In this particular embodiment, parser 22 includes the hypertext object to be received in its entirety by HTTP 

following calls: remote proxy 36, or added in its entirety to server-side cache 

GetObject(URL, InParams, &OutParams, memory 30, before beginning to send the object to network 

&OutStream, . . . ); client 12. Another benefit of multiple-thread processing is 

GctScalcdObjcct(URL, InParams, &OutParams, 5 that parser 22 may efficiently process requests for the same 

&OutStream, Stage, . . . ); hypertext object from multiple network clients 12. The 

PutObject(URL, InParamStruct, &InStream, hypertext object need only be retrieved from Internet 18 

&OutParams, &OutStream, . . . ). once, and appropriate versions may be transmitted to such 

Parser 22 uses these calls to manage the provision of multiple network clients 12 concurrently. It should be noted, 

requested content to network client 12. 10 however, that embodiments of the present invention may be 

The GetObject( ) call is used to service non-enabled client implemented without multiple-thread processing, 

requests, and returns a non-transcoded (i.e., original) version In accordance with the embodiment illustrated in FIG. 3, 

of a specified hypertext object. In this embodiment, transcoding server 34 may be dynamically controlled to 

transcoding server 34 assumes that each HTTP request has effec( of a wide variet of operations sucn ^ recon . 

a unique thread that may be blocked until the request is fimi • „ 'r . A ^ A 

satisfied. Accordingly, the GetObject( ) call will block untU 15 ^ rmg °P eratl0 ^ 1 Parameters of transcoding server 34. 

it either returns the requested data stream or indicates failure For eXam !> e ' m order to reconfi ^ e wh «* ^twork devices 

with a cause (e.g., object does not exist). This ability to are * access transc « d ^g ™ver 34, an HTTP 

return a so-called standard hypertext object is advantageous messa ^ m ^ }* " nt *° P ar 1 ser 22 ' causin g P"* 1 22 t0 

for compatibility reasons, enabling embodiments of the update (either itself or through transcoding service provider 

present invention to be used with existing browsers that do 20 24 ) a security mechanism maintained by transcoding server 

not include support for certain transcoding functionality 3 f ( for exam ple, a table of valid network addresses), 

(e.g., advanced data compression), and enabling users to Similarly, an HTTP message could be sent to transcoding 

selectively retrieve non-transcoded versions. server 34 to effect a reconfiguration of one or more param- 

The GetScaledObject( ) call is similar to GetObject( ), and eters used by transcoding service providers 24 to transcode 

is also used to request an object from server-side cache 25 content prior to transmission to network client 12, such as 

memory 30; however, it adds support for requesting a instructing transcoding service provider 24 to delete all 

particular version of that object, such as a high-quality occurrences of a particular word from content passed 

rendition. Unlike traditional caching proxies, transcode ser- through it. Other examples of the type of dynamic control 

vice providers 24 can use server-side cache memory 30 to that may be exerted using embodiments of the present 

store several different versions of an object to support clients 30 invention include causing transcoding server 34 to use more 

with different communications and/or presentation capabili- (or less) CPU resources for particular operations, reconfig- 

ties. Thus, an additional "Stage" parameter may be used to uring cache memory 30, and clearing cache memory 30. 

indicate which version of the cached object is to be returned To further describe the operation of a dynamically- 

to network client 12. Where transcode service provider 24 is controllable network device, FIG. 4 provides a flow diagram 

configured to scale network content, it may use this param- 35 describing a general method for dynamically controlling 

eter to request a version of a cached object having, for network device according to an embodiment of the present 

example, a default scaled quality, a refinement to a better- invention. Processing begins with receipt by the 

quality version, or the original non-scaled version. dynamically-controllable network device of an input from 

In this embodiment, when network client 12 requests a another network device (Step 20). Where the dynamically- 

hypertext object, HTTP remote proxy 36 uses either the 40 controllable network device comprises a network proxy, 

GetObject( ) or GetScaledObject( ) call (depending on if such other network device might comprise a client device or 

network client 12 is capable of receiving scaled/transcoded a content server. The dynamically-controllable network 

datatypes) to retrieve the hypertext object from parser 22. If device then parses the received input in an effort to extract 

the hypertext object is not found, parser 22 uses the Crea- a command (Step 30). Assuming a command is found, the 

teEntryo call to create an entry (in effect, a placeholder) in 45 dynamically-controllable network device then performs 

server-side cache me mory 30 for the new object. The new some predetermined action in response to the command 

entry is returned to HTTP remote proxy 36, which requests (Step 40), The method of this embodiment may be used, for 

the hypertext object from Interne t 18. As a data stream for example, to provide the dynamic control functionality 

the hypertext object is returned, HTTP remote proxy 36 calls described above. 

parser 22 using the PutObjecto call, passing into this call the 50 A benefit of a dynamically-controllable network device 

new entry and the handle to the data stream to be placed into according to embodiments of the present invention is that no 

the entry. Parser 22 selects an appropriate transcode service changes need be made to existing network infrastructure. In 

provider 24 based, for example, on the content type of the an embodiment where the network device comprises a 

data stream. In this context, the term content type encom- network proxy used for Web transactions, for example, 

passes a datatype, an HTTP MIME (Multipurpose Internet 55 commands may be sent to the network proxy via standard 

Mail Extensions) type, a content format, and so on. The HTTP "POST" methods to special URLs. Accordingly, the 

selected transcode service provider 24 uses a separate thread only client software required to issue proxy commands is a 

to read the incoming data stream, transcode it, and place it standard Web browser, with no special configuration 

within the entry of server-side cache memory 30. The required of the client device other than specifying an HTTP 

current thread immediately returns to HTTP remote proxy 60 proxy as a destination device in the manner currently known 

36, which once again calls GetScaledObject( ) (or in the art. On the other hand, the network proxy can also 

GetObject( )). This case will always result in a cache hit. accept commands from specialized client software if 

This thread then works simultaneously with the separate present. Similarly, the dynamically-controllable network 

thread in the PutObject( ) to tunnel data (either original or proxy may freely interact with existing server devices. The 

transcoded) from transcoding server 34 to network client 12. 65 proxy may generate its own forms and status replies for the 

Multiple-thread processing may be used to improve the client as needed, without the need for any specially- 

efficiency of transcoding server 34 by not waiting for a configured HTTP server software or CGI (Common Gate- 
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way Interface) script-processing capability. For example, the What is claimed is: 

proxy can generate an HTML form that is displayed by the LA dynamically-controllable network proxy comprising 

client's browser. The user may then fill in the form and a parser module and a service provider module coupled to 

submit it. The browser takes the filled-in form and uses the said parser module, said parser module including instruc- 

input to create a POST communicating the results from the 5 tions for selectively invoking said service provider module 

HTML form. The proxy may then act on the POST, possibly in response to a command parsed from an external input 

generating its own status replies so that the user is informed received by said network proxy, said service provider mod- 

whether or not the input command(s) worked. Such status ule comprising instructions for performing a predetermined 

replies would then be displayed by the browser. Using an function at said network proxy. 

arrangement of this type, existing servers and clients may 10 2. The network proxy of claim 1, wherein said network 

interact with the dynamically-controllable network proxy proxy is arranged between a client and a server, said parser 

the same as they would with any other network proxy. module further including instructions for selectively invok- 

Embodiments of the present invention may therefore be ing said service provider module in response to a command 

transparently implemented in existing network parsed from a data object received from the server, 

infrastructures, with no need for special communications 15 3. The network proxy of claim 2, wherein said service 

ports or special protocols. provider module comprises instructions for transcoding said 

Embodiments of the present invention may be distributed, data object prior to forwarding said data object to the client, 

for example, as a set of instructions residing on a storage 4. The network proxy of claim 1, wherein said service 

medium. Such a storage medium might be a memory of a provider module comprises instructions for reconfiguring 

computer; a piece of firmware; a portable storage device, 20 said network proxy. 

such as a diskette or other magnetic storage device, or a 5. The network proxy of claim 4, wherein said service 

CD-ROM; or any other medium on which it is known to provider module further comprises instructions for setting an 

store executable instructions. operational parameter of said network proxy. 

Although the present invention has been described with 6. The network proxy of claim 1, wherein the external 

reference to embodiments for accessing data from the 25 input comprises an HTTP-compliant message. 

Internet, persons skilled in the art will recognize that it is 7. The network proxy of claim 1, wherein said network 

equally applicable to other networking environments. For proxy is arranged between a client and a server, said parser 

example, embodiments of the present invention may be used module further including instructions for selectively invok- 

to enhance data communications between a network client ing said service provider module in response to a command 

computer and an "intranet." An intranet typically is a secure 30 parsed from a request received from the client, 

corporate network modeled after the Internet architecture, 8. The network proxy of claim 1, wherein said network 

and generally includes mechanisms for communicating with proxy is arranged between a client and a remote network 

external networks such as the Internet. device, said parser module further including instructions for 

The foregoing is a detailed description of particular selectively invoking said service provider module in 
embodiments of the present invention. The invention 35 response to a command parsed from a data object received 
embraces all alternatives, modifications and variations that by said network proxy from the remote network device, 
fall within the letter and spirit of the claims, as well as all 9. The network proxy of claim 1, wherein said service 
equivalents of the claimed subject matter. For example, provider module further comprises instructions for manag- 
persons skilled in the art will readily recognize that the ing a log file used by said network proxy, 
functionality described herein may be implemented in vir- 40 10. The network proxy of claim 1, wherein said service 
tually any network device capable of receiving HTTP provider module further comprises instructions for obtaining 
messages, including content servers and client devices. status information from said network proxy. 
Moreover, embodiments of the present invention may be 11. The network proxy of claim 1, wherein said service 
applied to communications protocols other than HTTP. provider module further comprises instructions for restarting 
Persons skilled in the art will recognize from the foregoing 45 said network proxy, 
detailed description that many other alternatives, modifica- 
tions and variations are possible. * * * * * 
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